I was staying at a Hilton (Omaha, NE) last night and their captive portal scared me off by putting the MAC address, IP address, and user agent in the query string, plus network stuff like the VLAN id and the MAC address of some piece of network gear that's servicing you. It seemed like they had a pretty complex system to deter abuse.
Of course, I just tethered my phone and got way better service than their crappy $10/day wifi.
Of course, I just tethered my phone and got way better service than their crappy $10/day wifi.